Debian Patches
Status for chkrootkit/0.57-2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 14_chkutmp.patch | chkutmp: Fixe chkutmp parser Upstreamable. Dates from 2017 or earlier |
"Aaron M. Ucko" <team+pkg-security@tracker.debian.org> | yes | 2017-07-09 | ||
| 01_nostrip.patch | Remove explicit use of 'strip' from the upstream Makefile debhelper will automatically strip everything when we build the package. This is a Debian-specific modification - upstream unlikely to want this. |
Francois Marier <francois@debian.org> | yes | debian | 2021-10-10 | |
| 02_workingdir.patch | chkrootkit: cd /usr/lib/chkrootkit. Upstream chkrootkit is designed to be run from it's build directory, so calls all its executables with a "./" prefix. On Debian, executables are placed in /usr/lib/chkrootkit. . This could be upstreamed but presumably upstream would prefer the existing behaviour. . This patch is from 2017 or earlier. |
Unknown Author <team+pkg-security@tracker.debian.org> | yes | 2017-07-09 | ||
| 03_linedup_reports.patch | Modify chkrootkit's printn to use printf if available. This improves readability of the output (if no -q given) by right-aligning the "nothing found" results. . A previous comment noted that upstream was not interested in this patch as printf is not portable. However, this patch should work even if printf is not present. |
Jari Aalto <jari.aalto@cante.net> | yes | debian | 2005-12-14 | |
| 04_backslashes.patch | Remove unnecessary backslashes from two chkrootkit messages This is upstreamable. |
"James R. Van Zandt" <jrv@debian.org> | yes | debian | 2008-09-06 | |
| 05_disable_enye.patch | chkproc: do not send signal 58 to PID 12345 This disables the test for Enye LKM. As the bug report notes, sending a non-standard signal to test whether a process might be a trojan risks killing unrelated software and should not be done. . This is upstreamable and was first forwarded upstream in April 2008 |
Francois Marier <francois@debian.org> | yes | debian | 2008-04-21 | |
| 06_quiet.patch | Make chklastlog support -q and make chk_* functions consistent The chk_* functions should not produce output unless in EXPERT mode, but should return INFECTED, NOT_FOUND etc and the main loop should produce output . This patch only looks at the chk_* functions (where * is in TROJANS - the functions names after the content of TOOLS are expected to produce output themselves, although this is not conistent (later debian patches address this) . This ensures even more output is hidden if -q is passed to chkrootkit . This is upstreamable. |
lantz moore <lmoore@debian.org> | yes | debian | 2002-10-03 | |
| 07_promisc.patch | Make ifpromisc output pid as well as name Makes a number of internal changes to ifpromisc . This introduces new behaviour where * if a 'packet sniffer' is detected, its pid is output as well as the name * instead of PF_PACKET the output is "PACKET_SNIFFER" . This is upstreamable. |
lantz moore <lmoore@debian.org> | yes | debian | 2005-11-27 | |
| 08_unidentified.patch | collection of other changes to upstream source made by debian All changes appear upstreamable. This dates from 2017 or earlier. |
Francois Marier <francois@debian.org> | yes | 2017-07-09 | ||
| 09_excludes.patch | Adds -e option to chkrootkit and function lookfor_rootkit Also from: Roger Leigh" <Roger Leigh rleigh@debian.org> . This adds the ability to exclude specific files/directories from the checks with the -e option . It also adds lookfor_rootkit function to remove duplication from code that searches for specific files and directories to detect several rootkits (HiDrootkit, t0rn, Lion, RSHA, RH-Sharpe) . Upstreamable |
"francois@debian.org" <francois@debian.org> | yes | 2017-07-09 | ||
| 11_logpath.patch | Read logs from /var/log instead of /var/adm Potentially upstreamable (may also be non-portable) Dates from 2017 or earlier. |
Giuseppe Iuculano <giuseppe@iuculano.it> | yes | 2017-07-09 | ||
| 12_procpsv3.patch | chkproc: default to procps version 3. Upstreamable. Dates from 2017 or earlier |
Giuseppe Iuculano <giuseppe@iuculano.it> | yes | 2017-07-09 | ||
| 15_kfreebsd.patch | ifpromisc: Add missing include <stdint.h> Upstreamable Dates from 2017 or earlier |
Unknown Author <team+pkg-security@tracker.debian.org> | yes | 2017-07-09 | ||
| 16_php.patch | Fix the check for suspect PHP files Before this patch, 1. Any non-text file contents confuse the results of the grep if they match. 2. Not file names are printed, but file contents. . This patch fixes '/usr/bin/find: head terminated by signal 13' errors and prints affected file names instead of their content. . This dates from 2017 or earlier, but was refreshed in 2013 |
Andreas Stempfhuber <andi@afulinux.de> | yes | 2017-07-09 | ||
| 17_Suckitfalse.patch | chkroootkit: false positive for Suckit under systemd or upstart Upstreamable. |
Giuseppe Iuculano <iuculano@debian.org> | yes | debian | 2015-03-23 | |
| 18_fix-stack-smash.patch | chkutmp: Change UT_LINESIZE to UT_PIDSIZE Dates from 2017 or earlier The previous description stated only 'fix good old stack smash' . Upstreamable |
Unknown Author <team+pkg-security@tracker.debian.org> | yes | debian | 2017-07-09 | |
| 20_Proper-flags.patch | Honor preprocesor and linker flags added at compile time by debhelper. Thanks to Lukas Schwaighofer for suggesting some improvements. Dates from 2017 or earlier . Upstreamable . Depends on patch 02 . |
Marcos Fouces <marcos@debian.org> | yes | 2017-07-09 | ||
| 21_fix_loc_function.patch | Output the results of the loc() function in test for LOC rootkit Upstreamable |
Arthur de Jong <arthur@west.nl> | yes | 2017-07-09 | ||
| 22_fix_Makefile_target.patch | Makefile: make "all" target depend on "sense" This removes the use of @exec and the message "stopping make sense". . Thanks to Lukas Schwaighofer. . Upstreamable but presumably they will prefer the original approach |
Marcos Fouces <marcos@debian.org> | yes | 2017-07-24 | ||
| 24_ser2net_exception_in_scalper.patch | Add exception for ser2net in scalper() Upstreamable |
Lorenzo 'Palinuro' Faletra <palinuro@parrotsec.org> | yes | debian | 2018-04-19 | |
| 51_chkdirs-resolve-signed-comparison.patch | chkdirs: resolve signed comparison chkdirs.c: In function ‘make_pathname’: chkdirs.c:73:38: error: comparison of integer expressions of different signedness: ‘long unsigned int’ and ‘int’ [-Werror=sign-compare] 73 | if (!(*buffer) || (sizeof(*buffer) < pathname_len)) { | ^ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 25a_fix_patch_25.patch | chkrootkit: Fix test 'suspicious files and directories' without -q (This should be merged with patch 25, and depends on that patch) Upstreamable (not forwarded) |
Richard Lewis <richard.lewis.debian@googlemail.com> | no | 2021-10-10 | ||
| 26_improve-info-help-display.patch | chkrootkit: Improve information displayed with chkrootkit -h Needs to come after patch #25 Upstreamable apart from the reference to a Debian-specific documentation file |
Marcos Fouces <marcos@debian.org> | yes | debian | 2020-04-13 | |
| 27_fix-race-condition-ps-proc.patch | chkproc: patch 27: avoid race condition The previous description stated that this intends to fix a ""a really bad race condition in it where it compares ps and /proc." and " This patch fixes this by double checking to ensure the process hasn't exited." . (Refreshed 2023-03-11 to correct an issue where some unrelated lines were being removed by mistake having looked at the BTS, it seems these were introduced when the patch was rebased for 0.48 debian then corrected some of these in 2022 via separate patches (55,55a), and these have been squashed into patch 27 to simplify the patch queue. ... there is no change to the functionality that patch 27 introduces) This depends on patches - 12 (which sets pv to 3 by default - chkrootkit always sets this explicitly) - 8 - 5 |
Adrian Bridgett <adrian@smop.co.uk> | yes | debian | 2020-07-24 | |
| 29_chkdirs-fix-dead-code.patch | chkdirs: fix dead code In line 72 buffer is forced to be non-NULL, because it got dereferenced in line 71. chkdirs.c:71:10: warning: Either the condition 'if(buffer)' is redundant or there is possible null pointer dereference: buffer. [nullPointerRedundantCheck] if (!(*buffer) || (sizeof(*buffer) < pathname_len)) { ^ chkdirs.c:72:8: note: Assuming that condition 'if(buffer)' is not redundant if (buffer) free((void *)*buffer); ^ chkdirs.c:71:10: note: Null pointer dereference if (!(*buffer) || (sizeof(*buffer) < pathname_len)) { ^ Found by Cppcheck |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 30_chklastlog-fix-out-of-bounds-access.patch | chklastlog: fix out of bounds access We dereference userid at *uid, so *uid must be strictly smaller than userid' size. chklastlog.c:184:14: warning: Either the condition '*uid>99999' is redundant or the array 'userid[99999]' is accessed at index 99999, which is out of bounds. [arrayIndexOutOfBoundsCond] if (!userid[*uid]) ^ chklastlog.c:178:26: note: Assuming that condition '*uid>99999' is not redundant if (*uid > MAX_ID) ^ chklastlog.c:184:14: note: Array index out of bounds if (!userid[*uid]) ^ Found by Cppcheck |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 31_ifpromisc-always-null-terminate-interface-names.patch | ifpromisc: always null-terminate interface names In file included from /usr/include/string.h:495, from ifpromisc.c:54: In function ‘strncpy’, inlined from ‘if_fetch’ at ifpromisc.c:311:3, inlined from ‘if_print’ at ifpromisc.c:347:11: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Wstringop-truncation] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘strncpy’, inlined from ‘if_fetch’ at ifpromisc.c:313:3, inlined from ‘if_print’ at ifpromisc.c:347:11: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Wstringop-truncation] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 33_chklastlog-silence-array-bounds-warning.patch | chklastlog: silence array-bounds warning In file included from /usr/include/string.h:495, from chklastlog.c:45: In function ‘memcpy’, inlined from ‘main’ at chklastlog.c:114:9: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10: error: ‘__builtin_memcpy’ forming offset [14, 126] is out of the bounds [0, 14] [-Werror=array-bounds] 34 | return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘memcpy’, inlined from ‘main’ at chklastlog.c:115:9: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10: error: ‘__builtin_memcpy’ forming offset [17, 126] is out of the bounds [0, 17] [-Werror=array-bounds] 34 | return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 34_chkwtmp-silence-array-bounds-warning.patch | chkwtmp: silence array-bounds warning In file included from /usr/include/string.h:495, from chkwtmp.c:28: In function ‘memcpy’, inlined from ‘main’ at chkwtmp.c:74:8: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10: error: ‘__builtin_memcpy’ forming offset [14, 126] is out of the bounds [0, 14] [-Werror=array-bounds] 34 | return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 35_ifpromisc-solve-unused-result-warnings.patch | ifpromisc: solve unused result warnings ifpromisc.c: In function ‘read_proc_net_packet’: ifpromisc.c:112:5: error: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 112 | fgets(buf, 80, proc); | ^~~~~~~~~~~~~~~~~~~~ ifpromisc.c: In function ‘walk_process’: ifpromisc.c:211:13: error: ignoring return value of ‘readlink’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 211 | readlink(path, link, sizeof(link) - 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 36_chkproc-silence-unused-result-warnings.patch | chkproc: silence unused result warnings chkproc.c: In function ‘readline’: chkproc.c:124:5: error: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 124 | fgets(buf, MAX_BUF, stream); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ chkproc.c:127:7: error: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 127 | fgets(buf, MAX_BUF, stream); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 37_chkutmp-silence-unused-result-warnings.patch | chkutmp: silence unused result warnings chkutmp.c: In function ‘fetchps’: chkutmp.c:90:2: error: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 90 | fgets(line, MAXREAD, ps_fp); /* skip header */ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ chkutmp.c:124:20: error: ignoring return value of ‘fgets’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result] 124 | fgets(line, MAXREAD, ps_fp); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 38_chklastlog-resolve-signed-comparison.patch | chklastlog: resolve signed comparison chklastlog.c: In function ‘main’: chklastlog.c:169:33: error: comparison of integer expressions of different signedness: ‘long int’ and ‘long unsigned int’ [-Werror=sign-compare] 169 | if (wtmp_bytes_read < sizeof(struct utmp)) | ^ chklastlog.c:189:45: error: comparison of integer expressions of different signedness: ‘long int’ and ‘long unsigned int’ [-Werror=sign-compare] 189 | if (wtmp_bytes_read < sizeof(struct lastlog)) | ^ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 39_chkproc-resolve-signed-comparison.patch | chkproc: resolve signed comparison chkproc.c: In function ‘readline’: chkproc.c:121:17: error: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘int’ [-Werror=sign-compare] 121 | if (strlen(s) == (size-1) && s[size-1] != '\n') | ^~ chkproc.c: In function ‘dodgy_process’: chkproc.c:280:14: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] 280 | path[(j < sizeof(path)) ? j : sizeof(path) - 1] = 0; | ^ chkproc.c:280:32: error: operand of ‘?:’ changes signedness from ‘int’ to ‘long unsigned int’ due to unsignedness of other operand [-Werror=sign-compare] 280 | path[(j < sizeof(path)) ? j : sizeof(path) - 1] = 0; | ^ chkproc.c:283:14: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] 283 | path[(j < sizeof(path)) ? j : sizeof(path) - 1] = 0; | ^ chkproc.c:283:32: error: operand of ‘?:’ changes signedness from ‘int’ to ‘long unsigned int’ due to unsignedness of other operand [-Werror=sign-compare] 283 | path[(j < sizeof(path)) ? j : sizeof(path) - 1] = 0; | ^ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 40_strings-resolve-signed-comparison.patch | strings: resolve signed comparison strings.c: In function ‘strings’: strings.c:78:47: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] 78 | if (c == 0 || c == '\n' || printmeindex >= sizeof(printme)-1) iseol = 1; | ^~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 41_chkutmp-silence-unused-parameter-warnings.patch | chkutmp: silence unused parameter warnings chkutmp.c: In function ‘main’: chkutmp.c:180:14: error: unused parameter ‘argc’ [-Werror=unused-parameter] 180 | int main(int argc, char *argv[]) | ~~~~^~~~ chkutmp.c:180:26: error: unused parameter ‘argv’ [-Werror=unused-parameter] 180 | int main(int argc, char *argv[]) | ~~~~~~^~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 42_chkdirs-annotate-usage-with-noreturn.patch | chkdirs: annotate usage with noreturn chkdirs.c: In function ‘usage’: chkdirs.c:56:6: error: function might be candidate for attribute ‘noreturn’ [-Werror=suggest-attribute=noreturn] 56 | void usage () | ^~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 43_chklastlog-remove-unused-and-shadowing-variable.patch | chklastlog: remove unused and shadowing variable chklastlog.c: In function ‘main’: chklastlog.c:109:10: error: declaration of ‘uid’ shadows a global declaration [-Werror=shadow] 109 | uid_t *uid; | ^~~ chklastlog.c:79:8: note: shadowed declaration is here 79 | uid_t *uid; | ^~~ chklastlog.c: In function ‘getslot’: chklastlog.c:295:48: error: declaration of ‘uid’ shadows a global declaration [-Werror=shadow] 295 | int getslot(struct s_localpwd *localpwd, uid_t uid) | ~~~~~~^~~ chklastlog.c:79:8: note: shadowed declaration is here 79 | uid_t *uid; | ^~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 45_chkproc-do-not-discard-const-qualifier.patch | chkproc: do not discard const qualifier chkproc.c:92:6: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 92 | "ps -edf", | ^~~~~~~~~ chkproc.c:93:6: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 93 | "ps auxw", | ^~~~~~~~~ chkproc.c:94:6: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 94 | "ps mauxw 2>&1 ", | ^~~~~~~~~~~~~~~~ chkproc.c:95:13: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 95 | "ps auxw -T|tr -s ' '|cut -d' ' -f2-", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 46_chkutmp-do-not-discard-const-qualifier.patch | chkutmp: do not discard const qualifier chkutmp.c:73:5: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 73 | "ps -ef -o \"tty,pid,ruser,args\"", /* solaris */ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ chkutmp.c:74:5: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 74 | "ps axk \"tty,ruser,args\" -o \"tty,pid,ruser,args\"" /* linux */ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 54_chkrootkit-Remove-trailing-space-in-windigo-not-found-message.patch | Remove trailing space from output of ssh test In test for Linux/Ebury - Operation Windigo ssh test Unlike other tests, the "not found" message was printed with a trailing space |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-16 | ||
| 53_chkrootkit-remove-trailing-whitespace.patch | chkrootkit: remove trailing whitespace Removes trailing whitespace from chkrootkit |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-18 | ||
| 69_chkrootkit-fix-syntax-errors-in-chk_login.patch | chkrootkit: fix syntax errors in chk_login Remove stray ] Redirection of stderr should be after stdout not before |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-20 | ||
| 62_chkrootkit-Prevent-warnings-when-running-in-an-lxc-container.patch | chkrootkit: Prevent warnings when running in lxc This patch redirects stderr to /dev/null when running the check for the Omega worm. Some lxc containers (such as those used in the debian buildd debci system), have a /dev that 'contains' files from the host that cannot be read. This patch redirects stderr from the find to /dev/null to avoid messages appearing in the chkrootkit output (this is consistent with the check for the Lion Worm). |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-11-27 | ||
| 78_chkrootkit-fix-test-for-ebury-1.6.patch | chkrootkit: fix test for ebury 1.6 Call to egrep was using | without brackets - so the | only 'applied' to the surrounding characters. seems unlikely to be correct. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-26 | ||
| 64_chkrootkit-Define-egrep-later-to-support-p.patch | chkrootkit: Define ${egrep} later to support '-p' The -p option allows the user to set a path for commands like grep This is done by parsing the $cmdlist variable This means we should define '${egrep}' to use the ${grep} variable after ths parsing. But the upstream code was setting egrep too early, and hardcoding the system's 'grep'. This patch moves the definition later, and uses $grep. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-18 | ||
| 80_chkrootkit-make-output-consistent-aliens.patch | chkrootkit: make output consistent Should now get consistent output - in non quiet mode: - each tests statts with a "checking for" line - this line is finished with a WARNING if file is found, and this indicates which files were found on a new line. - or "not found"/"not tested" if skipped - in quiet mode the "checking for..." is skipped, as is the output if nothing was found. But the WARNING and list of files are still produced so the user can tell what the issue was. - make more tests use lookfor_rootkit - reindent in several places - quote variables to avoid globbing - use $(...) instead of deprecated `....` |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-27 | ||
| 48_chkdirs-free-memory-on-failure.patch | chkdirs: free memory on failure chkdirs.c:182:7: warning: Potential leak of memory pointed to by 'dl' fprintf(stderr, "lstat(%s/%s): %s\n", ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /usr/include/x86_64-linux-gnu/bits/stdio2.h:113:3: note: expanded from macro 'fprintf' __fprintf_chk (stream, __USE_FORTIFY_LEVEL - 1, __VA_ARGS__) ^~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 49_chkdirs-fix-return-logic.patch | chkdirs: fix return logic If called with multiple arguments, do fail if any directory fails, not only the last one. |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 50_strings-drop-dead-assignment.patch | strings: drop dead assignment strings.c:94:5: warning: Value stored to 'printmeindex' is never read printmeindex = 0; ^ ~ 1 warning generated. |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 10_fixwarnings.patch | Some little fixes to silence compiler. This is from 2017 or earlier. |
Giuseppe Iuculano <giuseppe@iuculano.it> | yes | 2017-07-09 | ||
| 28_chkdirs-fix-memory-leak.patch | chkdirs: fix memory leak chkdirs.c:126:2: error: Memory leak: curpath [memleak] return(-1); ^ Found by Cppcheck |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 67_chkrootkit-ensure-only-one-argument-passed-to-expertmode_.patch | chkrootkit: ensure only one argument passed to expertmode_output The expertmode_output function only uses one argument, so when calling it, items with a space require quoting |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-18 | ||
| 73_chkrootkit-fix-netstat-and-ss-tests.patch | chkrootkit: fix netstat and ss tests in tests that use netstat or ss - use -n option to ss to keep port numbers numeric (otherwise ss may use service names - chk_netstat_or_ss should set $netstat to the path so that $netstat can be influenced by -p like the other commands in _chk_netstat_or_ss - prefer ss to netstat in chk_netstat - for consistency, return NOT_FOUND rather than NOT_INFECTED if we did nit have netstat installed |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-21 | ||
| 70_chkrootkit-fix-chk_date.patch | chkrootkit: fix chk_date() Redirect output of grep to /dev/null |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-20 | ||
| 66_chkrootkit-Make-output-consistent.patch | chkrootkit: Make output consistent Lower case 'INSTALLED' -> 'installed' and fix typo 'rotkit' -> 'rootkit' |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-18 | ||
| 13_exitcode.patch | Make chkrootkit explicitly exit 0 Otherwise the exit code is that of the last test that ran. This is particularly useful when calling from a script with set -e (such as from cron) . Upstreamable |
"Arjan Opmeer, Giuseppe Iuculano" <giuseppe@iuculano.it> | yes | debian | 2009-08-11 | |
| 19_openssh.patch | chkrootkit: fix Windigo test Dates from 2017 or earlier Upstreamable |
Unknown Author <team+pkg-security@tracker.debian.org> | yes | 2017-07-09 | ||
| 25_fix-nfs-legacy-sniffers.patch | chkrootkit: Add -s option to filter ifpromisc output Also do not search nfs filesystems . This patch does two things: 1) exclude nfs filesystems from calls to find 2) new option '-s' fot chkrootkit to allow excluding lines from ifpromisc output . This patch also (attempts to) fix #548582 by not outputting an empty list if -q is give. . HOWEVER, it does not seem to be correct if -q is not given . Needs to come after patch #09 |
Stefano Torricella <stetor@y2k.it> | yes | debian | 2010-05-06 | |
| 47_chklastlog-remove-dead-assignment.patch | chklastlog: remove dead assignment chklastlog.c:249:12: warning: Although the value stored to 'pwdent' is used in the enclosing expression, the value is never actually read from 'pwdent' while ((pwdent = getpwent())) { ^ ~~~~~~~~~~ 1 warning generated. |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 32_chkdirs-use-strdup-to-avoid-stringop-overflow-warning.patch | chkdirs: use strdup to avoid stringop-overflow warning In file included from /usr/include/string.h:495, from chkdirs.c:42: In function ‘strncpy’, inlined from ‘check_dir’ at chkdirs.c:136:5: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ chkdirs.c: In function ‘check_dir’: chkdirs.c:111:25: note: length computed here 111 | if (!path || !(plen = strlen(path))) { | ^~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 44_ifpromisc-do-not-discard-const-qualifier.patch | ifpromisc: do not discard const qualifier ifpromisc.c:69:17: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 69 | char *Release = "chkrootkit package", | ^~~~~~~~~~~~~~~~~~~~ ifpromisc.c:70:17: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers] 70 | *Version = "@(#) ifpromisc 0.9 (2007/06/15)"; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Christian Göttsche <cgzones@googlemail.com> | yes | 2020-07-24 | ||
| 52_chkdirs-fix-spelling-error-and-whitespace.patch | chkdirs: fix spelling error Replaces 'WARNIING' with 'WARNING' and removes trailing whitespace |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-15 | ||
| 56_chkrootkit-Fix-logic-so-that-sshd-test-runs.patch | chkrootkit: Fix logic so that sshd test runs '-s' means size >0, so we want NOTFOUND if -s fails |
Richard Lewis <richsrd.lewis.debian@googlemail.com> | invalid | 2021-10-16 | ||
| 57_chutmp-improve-message-if-processes-without-tty-are-found.patch | chutmp: improve message if processes without tty are found (The message needs 'was' not 'were' because "The tty" is singular) It also fixes indentation around the change and removes trailing whitespace. . Upstreamable |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-16 | ||
| 58_chkrootkit-improve-output.patch | chkrootkit: improve output Add some missing messages (in non-quiet mode) where nothing was found Upstreamable. Depends on previous changes to chkrootkit |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-22 | ||
| 61_chkrootkit-Prevent-hanging-in-an-lxc-container.patch | chkrootkit: Prevent hanging in an lxc container lxc bind-mounts pts devices over /dev, but find does not notice, so find /dev -type f still finds /dev/console. The aliens test then tries to grep this and hangs. This patch passes --device=skip to grep which stops it hanging. Another alternative would be to pass '! -fstype devpts'. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | debian | 2021-10-29 | |
| 63_chkrootkit-Make-the-T.R.K-test-capable-of-finding-anything.patch | 63 chkrootkit: Make the 'T.R.K' test capable of finding anything Before this patch the check for T.R.K was running find but redirecting both stdout and stderr to /dev/null, so nothing could ever be detected. Only stderr needs to be ignored. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-11-27 | ||
| 65_chkrootkit-comment-out-use-of-kill-SIGCONT-31337.patch | chkrootkit: comment out use of 'kill -SIGCONT 31337' Part of the test for the Kovid LKM rootkit involves sending a SIGCONT signal to pid 31337 This patch comments that out - this may break that test, but that seems preferable to sending signals to normal processes. if the pid is a normal process then sending it a SIGCONT signal could cause unexpected behaviour, (eg if the user deliberately backgrounded something) |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-18 | ||
| 68_checkrootkit-use-ROOTDIR-consistently.patch | chckrootkit: use ${ROOTDIR} consistently Because chkrootkit ensures ROOTDIR ends in a / it can be used as "${ROOTDIR}path/to/dir" But this was not done consistently. This patch fixes that by removing / after ${ROOTDIR} |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-19 | ||
| 71_chkrootkit-use-grep-not-grep-in-tests.patch | chkrootkit: use $grep not grep in tests To support -p,grep should not be called directly, but only via $grep or $egrep |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-21 | ||
| 81_chkrootkit-add-missing-braces-in-bindshell-test.patch | chkrootkit: simplify bindshell test make $PORT space separated - avoids need for sed Avoid calling grep twice |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-27 | ||
| 74_chkrootkit-Make-chkutmp-should-support-p.patch | chkrootkit: Make chkutmp and lkm tests support -p chkutmp and chkproc call 'ps', and per the comments in chkutmp this assumes that this is safe. this patch adds the directory passed by -p to patH before calling those tools so that a known good ps can be used if it is available. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-21 | ||
| 77_chkrootkit-fix-syntax-error-in-test-for-64-bit-modules.patch | chkrootkit: fix syntax error in test for 64-bit modules The test has a stray '2' which means the call to find will always give a syntax error and never find anything. I assume this is a typo and should be deleted. |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-26 | ||
| 82_chkrootkit-clarify-output-from-lkm-test.patch | chkrootkit: clarify output from lkm test Move test for chkdirs and chkproc later so that test for spexific lkm can still run if neither is present Make it clesrer which command produced output |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-27 | ||
| 83_chkrotkit-Clarify-output-from-other-TOOLS.patch | chkrootkit: Clarify output from other TOOLS Make it clear which command is producing output |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-27 | ||
| 84_chkrootkit-simplify-chk_inetdconf.patch | chkrootkit: simplify chk_inetdconf Remove unnccessary uses of cat and grep |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-27 | ||
| 86_chkrootkit-usrmerge-fix.patch | chkrootkit: usrmerge fix Make tests that search /bin (using find) also search /usr/bin so that they work on usrmerged systems |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-03-04 | ||
| 59_chkrootkit-Remove-duplicate-entries-from-check-of-suspicious-files.patch | chkrootkit: Remove duplicate entries from check of suspicious files The check for hidden files in /usr/lib (and other dirs) was looking for files and directories separately, but every directory (other than those starting with a . then a number) was already included in the list of files found. This patch simplifies the search to include anything starting with a . |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-23 | ||
| 60_chkrootkit-Improve-output-of-sniffer-and-make-rexedcs-give-some-output-if-infected.patch | chkrootkit: Improve output of sniffer and rexedcs tests In sniffer() * Ensure $outmsg is quoted to avoid the output of ifpromisc being compressed onto one line. * This improves -s so you can actually filter some output and leave the rest * we also now add a 'header' line to explain what is being shown * and if nothing was found then no output was being made at all, which meant we didn't finish the "checking sniffer ..." line in non-quiet mode In rexedcs if something was found then no output was produced at all, which is not right |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2021-10-24 | ||
| 72_chkrootkit-ensure-ssh-is-set-before-testing-for-windigo-e.patch | chkrootkit: ensure $ssh is set before testing for windigo/ebury 1.4 $ssh was not defined but should have been set using loc (in the part thst only runs under -x it was being set with 'which' but all other testsbuse 'loc' Without this the test for ebury 1.4 was never run |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-21 | ||
| 75_chkrootkit-More-instances-where-x-should-be-x.patch | chkrootkit: More instances where x should be ${x} To support -p commands in $cmdlist are meant to be called only as $cmd, but there were several places where this was not done |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-22 | ||
| 79_chkrootkit-fix-syslogk-test-redirection.patch | chkrootkit: fix syslogk test redirection Add missing braces around $ROOTDIR, else we will create '/syslogk' Since the error message from a missing files comes when sh sets up the redirections not 'echo', we need to use a subshell to hide the 'no such file or directory' error. And as stdout from 'echo' is going into the 'file' only stderr should be sent to /dev/null And because we are writing a 1 we need a space before the > or we would be redirecting stdout |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-02-26 | ||
| 85_chkrootkit-Also-redirect-stderr-from-grep-to-dev-null.patch | chkrootkit: Also redirect stderr from grep to /dev/null This avoids spurious output if a test is using grep on a files that does not exist |
Richard Lewis <richard.lewis.debian@googlemail.com> | invalid | 2023-03-02 |